[57] ABSTRACT

A digital information protection scheme using an improved
security protocol. In a system in which a user makes an
access to a digital information provided by an information
center by connecting a computer card owned by the user to
an information terminal device connected with the information
center, a work key for encrypting a desired digital
information is delivered from the information center to the
computer card through the information terminal device, and
the work key is registered in the computer card; the desired
digital information encrypted by the work key is delivered
from the information center to the information terminal
device; and an encrypted digital information delivered from
the information center is decrypted at the information
terminal device by using the work key registered in the
computer card, and a decrypted digital information is
provided to the user at the information terminal device.
METHOD AND SYSTEM FOR DIGITAL
INFORMATION PROTECTION

BACKGROUND OF THE INVENTION

1. Field of the Invention

The present invention relates to a digital information
protection scheme for preventing illegal duplications of
digital information such as digital audio information, digital
visual information, digital computer program information,
etc.

2. Description of the Background Art

In recent years, due to the advance of the high speed
digital communication techniques such as ISDN and digital
information compression technique for speeches, dynamic
images, still pictures, etc. (including MPEG (Moving Picture
Experts Group) and JPEG (Joint Photographic coding
Experts Group)), it has become possible to deliver the
writings such as music, video, pictures, books, etc. to each
user terminal from an information center through a
communication channel, by converting them into digital
information, and compressing and encoding the digital
information.

In this regard, there are known examples of a delivery
service utilizing a personal computer communication, etc.
for a computer software which requires smaller amount of
data compared with the digital information such as video.
However, this conventional software delivery service
utilizing a personal computer communication, etc. does not
encrypt the software to be delivered, so that there has been
a problem that it provides an environment in which an illegal
copying of the software is easier compared with a usual
software sale system using a package such as a floppy disk.

On the other hand, there is a computer software sale
system using a CD-ROM that has recently been practiced in
the U.S.A., in which a CD-ROM containing an encrypted
main software and a non-encrypted software for demonstration
is sold and distributed at low price, and when a user is
satisfied with the trial on the software for demonstration, the
user orders a purchase of the main software to a service
center via the telephone, etc., in response to which the
decryption key is notified to the user such that the user can
use the encrypted main software on the purchased CD-ROM
by decrypting it using the notified decryption key.

However, this computer software sale system using a
CD-ROM also has problems in that it requires a human
action in acquiring the decryption key from the service
center via the telephone, etc., and that a privacy of the user
cannot be protected. Moreover, because of the involvement
of the human action, there is a possibility for the illegal
copying induced by the unlawful conduct such as the illegal
disposition of the decryption key.

SUMMARY OF THE INVENTION

It is therefore an object of the present invention to provide
a digital information protection scheme in which the leakage
of the digital information to the third party can be protected
and the illegal copying of the digital information is difficult
even for a legitimate user.

According to one aspect of the present invention there is
provided a method for digital information protection in a
system in which a user makes an access to a digital
information provided by an information center, by connecting a
computer card owned by the user to an information terminal
device connected with the information center, the method
comprising the steps of:
(a) carrying out a mutual authentication between the computer
card and the information terminal device;
(b) carrying out a user authentication by the computer card
through the information terminal device;
(c) sending an information request specifying the desired
digital information of the user from the information terminal
device to the information center by signing and encrypting an
information identifier for identifying the desired digital
information;
(d) sending the work key for encrypting the desired digital
information from the information center to the computer card
by a cipher communication using a public key cryptosystem;
(e) obtaining and registering the work key sent from the
information center at the computer card, and sending a work
key receipt signature from the computer card to the
information center;
(f) receiving a work key request message containing a random
number from the information terminal device at the computer
card, encrypting the work key according to the random number,
and sending an encrypted work key from the computer card to
the information terminal device;
(g) encrypting the desired digital information specified by
the information request by using the work key at the
information center, and sending the encrypted digital
information from the information center to the information
terminal device;
(h) receiving and decrypting the encrypted work key sent from
the computer card so as to obtain the work key at the
information terminal device, receiving and decrypting the
encrypted digital information sent from the information center
by using the work key, and providing the decrypted digital
information to the user at the information terminal device; and
(i) sending an encrypted information receipt signature from
the information terminal device to the information center, and
recording the information request, the work key receipt
signature, and the encrypted information receipt signature as
a ground for charging at the information center.
According to another aspect of the present invention there
is provided a method for digital information protection in a
system in which a user makes an access to a digital
information provided by an information center, by connecting a
computer card owned by the user to an information terminal
device connected with the information center, the method
comprising the steps of:
(a) carrying out a mutual authentication between the computer
card and the information terminal device;
(b) carrying out a user authentication by the computer card
through the information terminal device;
(c) sending an information request specifying the desired
digital information of the user from the information terminal
device to the information center by signing and encrypting an
information identifier for identifying the desired digital
information;
(d) encrypting the desired digital information specified by
the information request by using the work key at the
information center, and sending the encrypted digital
information from the information center to the information
terminal device and the computer card;
(e) receiving and storing the encrypted digital information
sent from the information center at the information terminal
device, and sending an information receipt signature from the
computer card to the information center via the information
terminal device;
(f) delivering the work key for encrypting the desired digital
information from the information center to the computer card,
and obtaining and registering the work key sent from the
information center at the computer card, while returning a
delivery certificate from the computer card to the information
center;
(g) receiving a work key request message containing a random
number from the information terminal device at the computer
card, encrypting the work key according to the random number,
and sending an encrypted work key from the computer card to
the information terminal device;
(h) receiving and decrypting the encrypted work key sent from
the computer card so as to obtain the work key at the
information terminal device, decrypting the encrypted digital
information stored in the information terminal device by using
the work key, and providing the decrypted digital information
to the user at the information terminal device; and
(i) sending an encrypted information receipt signature from
the information terminal device to the information center, and
recording the information request, the encrypted information
receipt signature, and the delivery certificate as a ground for
charging at the information center.

According to another aspect of the present invention there
is provided a method for digital information protection in a
system in which a user makes an access to a digital
information provided by an information center, by connecting a
computer card owned by the user to an information terminal
device connected with the information center, the method
comprising the steps of: delivering a work key for encrypting
a desired digital information from the information center
to the computer card through the information terminal
device, and registering the work key in the computer card;
delivering the desired digital information encrypted by the
work key from the information center to the information
terminal device; and decrypting an encrypted digital
information delivered from the information center at the
information terminal device by using the work key registered in
the computer card, and providing a decrypted digital
information to the user at the information terminal device.

According to another aspect of the present invention there
is provided a digital information protection system,
comprising: an information center for providing a digital
information; an information terminal device connected with the
information center; and a computer card owned by a user,
such that the user makes an access to the digital information
provided by the information center by connecting the computer
card to the information terminal device; wherein the
information center, the information terminal device, and the
computer card are adapted to: deliver a work key for
encrypting a desired digital information from the information
center to the computer card through the information
terminal device, and register the work key in the computer
card; deliver the desired digital information encrypted by the
work key from the information center to the information
terminal device; and decrypt an encrypted digital information
delivered from the information center at the information
terminal device by using the work key registered in the
computer card, and provide a decrypted digital information
to the user at the information terminal device.

According to another aspect of the present invention there
is provided an information center for a digital information
protection system in which a user makes an access to a
digital information provided by the information center by
connecting a computer card owned by the user to an
information terminal device connected with the information
center, wherein the information center, the information
terminal device, and the computer card are adapted to:
deliver a work key for encrypting a desired digital
information from the information center to the computer card
through the information terminal device, and register the
work key in the computer card; deliver the desired digital
information encrypted by the work key from the information
center to the information terminal device; and decrypt an
encrypted digital information delivered from the information
center at the information terminal device by using the
work key registered in the computer card, and provide a
decrypted digital information to the user at the information
terminal device; the information center comprising:
information storage means for storing the digital information;
communication control means for making a communication
with the information terminal device; key generation means
for generating the work key; encryption means for encrypting
the digital information by using the work key; public key
cryptosystem means for encrypting the work key in order to
make a cipher communication of the work key; and signature
conversion means for providing a signature of the
information center.

According to another aspect of the present invention there
is provided an information terminal device for a digital
information protection system in which a user makes an
access to a digital information provided by an information
center by connecting a computer card owned by the user to
the information terminal device connected with the
information center, wherein the information center, the
information terminal device, and the computer card are adapted to:
deliver a work key for encrypting a desired digital
information from the information center to the computer card
through the information terminal device, and register the
work key in the computer card; deliver the desired digital
information encrypted by the work key from the information
center to the information terminal device; and decrypt an
encrypted digital information delivered from the information
center at the information terminal device by using the
work key registered in the computer card, and provide a
decrypted digital information to the user at the information
terminal device; the information terminal device comprising:
first communication control means for making a
communication with the information center; second
communication control means for making a communication with the
computer card; information storage means for storing the
digital information; public cryptosystem means for encrypting
the work key in order to make a cipher communication
of the work key; signature conversion means for providing
a signature of the information terminal device; random
number generation means for generating a random number;
matching means for matching the random number generated
by the random number generation means with a random
number received from the computer card; secret key storage
means for storing a secret key of the information terminal
device; decryption means for decrypting an encrypted work
key and an encrypted digital information; and secrecy
protection means for physically protecting a secrecy of the
random number generation means, the matching means, the
secret key storage means, and the decryption means.

According to another aspect of the present invention there
is provided a computer card for a digital information
protection system in which a user makes an access to a digital
information provided by an information center by connecting
the computer card owned by the user to an information
terminal device connected with the information center,
wherein the information center, the information terminal
device, and the computer card are adapted to: deliver a work
key for encrypting a desired digital information from the
information center to the computer card through the
information terminal device, and register the work key in the
computer card; deliver the desired digital information
encrypted by the work key from the information center to the
information terminal device; and decrypt an encrypted digital
information delivered from the information center at the
information terminal device by using the work key registered
in the computer card, and provide a decrypted digital
information to the user at the information terminal device;
the computer card comprising: communication control
means for making a communication with the information
terminal device; public cryptosystem means for encrypting
the work key in order to make a cipher communication of the
work key; signature conversion means for providing a
signature of the computer card; and work key storage means
for storing the work key.

Other features and advantages of the present invention
will become apparent from the following description taken
in conjunction with the accompanying drawings.

BRIEF DESCRIPTION OF THE DRAWINGS

FIG. 1 is a schematic block diagram of an overall
configuration for the first and second embodiments of a digital
information protection system according to the present
invention.

FIG. 2 is a block diagram of an internal configuration of
an information center in the digital information protection of
FIG. 1.

FIG. 3 is a block diagram of an internal configuration of
an information terminal device in the digital information
protection of FIG. 1.

FIG. 4 is a block diagram of an internal configuration of
a computer card in the digital information protection of FIG.
1.

FIG. 5 is a diagrammatic illustration showing a procedure
for a mutual authentication between the information terminal
device and the computer card in the digital information
protection of FIG. 1.

FIG. 6 is a diagrammatic illustration showing a procedure
for a user authentication in the digital information protection
of FIG. 1.

FIG. 7 is a diagrammatic illustration showing a procedure
for a user's selection in the digital information protection of
FIG. 1.

FIG. 8 is a diagrammatic illustration showing a procedure
for an information request in the digital information
protection of FIG. 1.

FIG. 9 is a diagrammatic illustration showing a procedure
for a key delivery and a key receipt signing in the digital
information protection of FIG. 1 according to the first
embodiment.

FIG. 10 is a diagrammatic illustration showing a procedure
for a work key WK request in the digital information
protection of FIG. 1 according to the first embodiment.

FIG. 11 is a diagrammatic illustration showing a procedure
for an information delivery and an information utilization
in the digital information protection of FIG. 1 according
to the first embodiment.

FIG. 12 is a diagrammatic illustration showing a procedure
for an information delivery and storage and an information
center authentication in the digital information protection
of FIG. 1 according to the second embodiment.

FIG. 13 is a diagrammatic illustration showing a procedure
for a signing and a delivery certification preparation in
the digital information protection of FIG. 1 according to the
second embodiment.

FIG. 14 is a diagrammatic illustration showing a procedure
for a key delivery and a delivery certification in the
digital information protection of FIG. 1 according to the
second embodiment.

FIG. 15 is a diagrammatic illustration showing a procedure
for an information utilization in the digital information
protection of FIG. 1 according to the second embodiment
when an information to be utilized is stored in the
information terminal device.

FIG. 16 is a diagrammatic illustration showing a procedure
for an information utilization in the digital information
protection of FIG. 1 according to the second embodiment
when an information to be utilized is not stored in the
information terminal device.

DETAILED DESCRIPTION OF THE
PREFERRED EMBODIMENTS

Referring now to FIG. 1 to FIG. 11, the first embodiment
of the digital information protection system according to the
present invention will be described in detail.

In this first embodiment, the digital information protection
system has an overall configuration as shown in FIG. 1,
which comprises an information center 1, an information
terminal device 2 connected with the information center 1,
and a computer card 3 to be connected to the information
terminal device 2. In addition, there is also provided a
certificate authority 4 which will be necessary only in a
preliminary stage at a time of utilizing the public key
cryptosystem as will be described below.

The information center 1 stores a large number of digital
information supplied from information providers, and manages
them in a manner of a database.

The information terminal device 2 is equipped with an
image display device, a speech output device, etc. necessary
in utilizing the digital information, and provided at a home
of each user. The information center 1 and the information
terminal device 2 are connected through a communication
network such that they can communicate with each other
through the communication network.

The computer card 3 is to be detachably connected to the
information terminal device 2, and capable of internally
storing data indicating a trade content regarding which
information has been purchased. This computer card 3 is
owned by each user, and each user can utilize the purchased
information (such as video, music, etc.) by sending it
from the information center 1 to the information terminal
device 2 by connecting this computer card 3 to the
information terminal device 2.

The information center 1 has an internal configuration as
shown in FIG. 2, which includes: an information input unit
11 for inputting the information to be utilized; an information
storage unit 12 for storing the information to be utilized; an
information encryption unit 13 for encrypting the information
to be utilized; a WK generation unit 14 for generating
a work key WK to be used at a time of encrypting the
information to be utilized; a public conversion unit 15 for
encrypting the work key WK; a signature conversion unit 16
for converting a signature to indicate that the encrypted
work key WK belongs to the information center 1; a memory
17 for storing a public key of the information center 1, a
certificate of the public key issued by the certificate authority
4, intermediate results of computations, etc.; a CPU 18
for controlling the information center 1 as a whole and
executing the hash algorithm; a public key verification unit
19 for verifying the public key of the computer card 3, etc.;
and a network input/output unit 20 for carrying out
exchanges with the network.

The information terminal device has an internal configuration
as shown in FIG. 3, which includes: a card input/output
unit 21 for carrying out exchanges with the computer
card 3; a decryption key extraction unit 22 for carrying out
the decryption of the public key cryptosystem; an information
decryption unit 23 for carrying out the decryption of the
information to be utilized; an information output unit 24 for
outputting the decrypted information; an image display
device 25a; a speech output device 25b; a secret protection
mechanism 26 for physically protecting the secrecy of the
decryption key extraction unit 22, the information decryption
unit 23, and the information output unit 24; an information
storage unit 27 for storing the information to be
utilized in an encrypted state; a network input/output unit 28
for carrying out exchanges with the network; a memory 29
for storing a public key of the information terminal device
2, the certificate of the public key issued by the certificate
authority 4, intermediate results of computations, etc.; a
CPU 30 for controlling the information terminal device 2 as
a whole and executing the random number generation and
the hash algorithm.

The computer card 3 has an internal configuration as
shown in FIG. 4, which includes: a public key verification
device 31 for verifying the public key as a proper one
according to the certificate issued by the certificate authority
4; a public key cryptosystem device 32 for applying the
encryption and the signature conversion; a communication
device 33 for making a communication with the information
terminal device 2; a password matching device 34 for
carrying out the password matching for the user
authentication; a decryption key registration device 35 for
registering the decryption key of the purchased information; a
memory 36 for storing a public key of the computer card 3,
the certificate of the public key issued by the certificate
authority 4, intermediate results of computations, etc.; a
CPU 37 for controlling the computer card 3 as a whole and
executing the random number generation, etc.; a voltage
monitoring device 38 for monitoring a voltage necessary in
maintaining data such as the secret key, etc.; and a battery 39
as a back-up power source.

This digital information protection system of the first
embodiment is operated according to the following
information utilization protocol based on the digital information
protection scheme of the present invention.

<Preparatory set up>

In the following, a conversion for encrypting a message M
by a key K to obtain an encrypted message C will be denoted
as C=EK(M), and a conversion for decrypting the encrypted
message C to obtain the original message M will be denoted
as M=DK(C). In particular, in a case of utilizing the public
key cryptosystem, the encryption will be denoted as
C=EK_P(M) and the decryption will be denoted as M=DK_S(C).
The latter can also be used as the signature conversion as well.

The computer card 3 registers in advance its identifier
ID_U, its public key K_PU, a certificate X_PU of the public key
K_PU, a public key of the certificate authority 4, and its
secret key K_SU, where the secret key K_SU in particular is
registered into a write only region within the public key
cryptosystem device 32 which is a protected area that cannot
be read out freely. The certificate is obtained as
X_PU=DK_SC(K_PU) when the public key K_PU is authenticated
by the certificate authority 4, where the K_SC is a secret key
of the certificate authority 4 which is kept in secret at the
certificate authority 4.

Similarly, the information terminal device 2 registers in
advance its identifier ID_S, its public key K_PS, a certificate
of the public key K_PS, a public key K_PC of the certificate
authority 4, and its secret key, while the information
center 1 registers in advance its identifier ID_M, its public key
K_PM, a certificate X_PM of the public key K_PM, a public key
K_PC of the certificate authority center 4, and its secret key.
Also, the computer card 3 registers data (such as a
password) for authenticating the user in a state that cannot
be read out illegally, by encrypting it for example.
<Mutual authentication between the computer card 3 and
the information terminal device 2>

First, the mutual authentication between the computer
card 3 and the information terminal device 2 is carried out
according to the procedure shown in FIG. 5 as follows.

When the computer card 3 is connected to the information
terminal device 2 by being inserted therein, the random
number R, the public key K_PS of the information terminal
device 2 and its certificate X_PS, and the identifier ID_S of the
information terminal device 2 are sent from the information
terminal device 2 to the computer card 3.

Then, the computer card 3 judges whether the public key
K_PS of the information terminal device 2 is a proper one or
not by certifying that the public key K_PS of the information
terminal device 2 and its certificate X_PS are consistent, by
utilizing the public key K_PC of the certificate authority 4
registered therein. When it is judged as a proper one, the
signature encryption conversion is applied to the random
number R sent from the information terminal device 2, and
T=EK_PS(DK_SU(R)) or DK_SU(EK_PS(R)), the public key K_PU
of the computer card 3 and its certificate X_PU, and the
identifier ID_U of the computer card 3 are sent from the
computer card 3 to the information terminal device 2.

The information terminal device 2 certifies that the public
key K_PU of the computer card 3 is a proper one by utilizing
the public key K_PC of the certificate authority 4 registered
therein, and then judges whether the connected computer
card 3 is correctly that of the identifier ID_U or not by
certifying whether T sent from the computer card 3 is
consistent with R sent to the computer card 3.

Here, when this certification fails (i.e., a result is NG), the
information terminal device 2 indicates an error and ejects
the computer card 3.
<User authentication>

Next, the user authentication is carried out according to
the procedure shown in FIG. 6 as follows.

The user enters a password Pswd into the information
terminal device 2, and the information terminal device 2
sends the entered password Pswd to the computer card 3 to
judge whether the entered password Pswd is a correct one
coinciding with the password registered in the computer
card 3 in advance. When the entered password Pswd is a
correct one, it is judged that the user is a proper user, and a
menu data is displayed to the user.

In this procedure, the password input errors are allowed
for a prescribed number of times, such as three times, and
when the password input was tried three times
unsuccessfully, the error processing to indicate an error and
eject the computer card 3 is carried out as there is a
possibility for this user to be an improper user. In addition,
when this error processing caused by the unsuccessful
trials is repeated for a prescribed number of times, such as
five times, this user is judged as an improper user and the
computer card 3 is invalidated.

Here, it is also possible to use different user authentication
schemes. For example, it is possible to use a scheme in
which the predetermined password is encrypted and stored
in the computer card 3, and whether an encrypted result of
the character string entered at the information terminal
device 2 coincides with the stored encrypted password or not
is checked, or whether the character string entered at the
information terminal device 2 coincides with a decryption
result of the stored encrypted password or not is checked.

It is also possible to use a scheme in which the
predetermined password is stored in the computer card 3 either in an
encrypted state or in a non-encrypted state, the character
string entered at the information terminal device 2 is
communicated from the information terminal device 2 to the
computer card 3 by means of the cipher communication,
whether the communicated character string coincides with
the stored one or not is checked at the computer card 3, a
parity of a random number generated according to whether
the communicated character string coincides with the stored
one or not is adjusted in the known manner, and this random
number is communicated from the computer card 3 to the
information terminal device 2 by means of the cipher
communication.

It is also possible to use a scheme in which the
predetermined password is stored in the computer card 3 either in an
encrypted state or in a non-encrypted state, a sum or an
exclusive OR of the character string entered at the
information terminal device 2 and a random number generated at the
information terminal device 2 is calculated, this calculation
result is communicated from the information terminal
device 2 to the computer card 3 by means of the cipher
communication, a difference or an exclusive OR of the
communicated calculation result and the password
registered in advance is calculated at the computer card 3 and an
obtained value is returned from the computer card 3 to the
information terminal device 2, and whether the returned
value coincides with the generated random number or not is
checked at the information terminal device 2.

<User*s selection> 

Next, the user's selection is carried out according to the 
procedure shown in FIG. 7 as foUows. 

Namely, the user selects the desired information from the 
menu data displayed by the information terminal device Z 

<Infaniution request> 

Next^ the infoimation request is carried out acccixling to 
the procedure shown in FIG. 8 as follows. 

The information terminal device 2 sends a set RKX
including the information identifier Req for the information
selected by the user (which can be given by an
internationally valid code such as an International recording
code ISRC for the music information, or an identification
number assigned by the information provider that can
uniquely identify the information, etc.), and the public key
Kpm of the information center 1 and its certificate to the
computer card 3.

Then, the computer card 3 certifies that the public key
Kpm of the information center 1 and its certificate are
consistent by using the public key Kpc of the certificate
authority 4 registered therein, signs Req, and obtains
RQS=DKsu(Req). Then, the computer card 3 encrypts this
RQS by the public key Kpm of the information center 1 to
obtain Ru=EKpm(RQS), and sends this Ru to the information
terminal device 2.

When Ru is received, the information terminal device 2
sends this Ru along with the public key Kpu of the computer
card 3 and its certificate Xpu to the information center 1.

Then, the information center 1 certifies that the public key
Kpu of the computer card 3 and its certificate Xpu that are
sent from the information terminal device 2 are consistent,
and obtains RQS=DKsm(Ru). Then, the information center
1 obtains Req=EKpu(RQS), and retrieves the information
specified by the obtained Req.

<Key delivery and receipt signing>

Next, the key delivery and the key receipt signing are
carried out according to the procedure shown in FIG. 9 as
follows.

The information center 1 generates the work key WK for
encrypting the information to be utilized, encrypts this work
key WK by the public key Kpu of the computer card 3, signs
Cu=EKpu(WK), and sends this Cu along with
SKm=DKsm(Cu) to the computer card 3 via the information
terminal device 2.

Then, the computer card 3 verifies whether the signature
is correct or not, obtains the work key WK by decrypting Cu,
and sends Su=DKsu(SKm) to the information center 1 via
the information terminal device 2 as a receipt signature for
the work key WK. Meanwhile, the obtained work key WK
is stored in the computer card 3 along with the information
identifier Req in a state that cannot be read out illegally, by
encrypting it for example.

<Work key WK request>

Next, the work key WK request is carried out according
to the procedure shown in FIG. 10 as follows.

Namely, after the information terminal device 2 sent Su to
the information center 1, the information terminal device 2
sends a WK request message ReqW containing a random
number r to the computer card 3.

<Information delivery and information utilization>

Next, the information delivery and the information
utilization are carried out according to the procedure shown
in FIG. 11 as follows.

The computer card 3 concatenates the random number r
contained in the WK request message ReqW and the work
key WK, encrypts them by the public key Kps of the
information terminal device 2, and sends the resulting
V=EKps(WK, r) to the information terminal device 2.

Then, at the information terminal device 2, after V is
decrypted by using the secret key Kss of the information
terminal device 2, whether the random number r coincides
with that contained in the WK request message ReqW or not
is checked, and the work key WK is set.

On the other hand, when the work key receipt signature
Su is received, the information center 1 divides the
information I into processing units, encrypts each processing
unit of this information I by the work key WK, applies a hash
function h() to C=EWK(I), signs this h(C), and sends C and
SIm=DKsm(h(C)) to the information terminal device 2.
Then, the information terminal device 2 verifies that this
signature is correct, and decrypts the encrypted information
C.

Here, the secrecy is physically maintained from a device
for decrypting by using the secret key Kss to a device for
decrypting by using the work key WK. To this end, this
section, i.e., the secret protection mechanism 26 of the
information terminal device 2 shown in FIG. 3, can be set in
a safe box and sealed, or it is possible to adopt a scheme
disclosed in R. Mori and M. Kawahara: "Superdistribution:
The concept and the Architecture", Trans. IEICE, Vol. E73,
No. 7, pp. 1133-1146, July 1990.

When C is decrypted, a signature of the information
terminal device 2 is attached to it, and ACK=DKss(h(C)) is
returned to the information center 1. Then, the information
center 1 certifies that ACK is a proper one, and records Ru,
Su, and ACK as a ground for charging. The information
center 1 then continues the processing for the next
processing unit after the return of ACK is confirmed.

As described, according to this first embodiment the
encrypted information itself and the decryption key are
separated while the decryption key is safely stored within
the computer card 3. As a result, the information will not be
leaked to the third party because the information is delivered
in an encrypted state, and the illegal copying will be difficult
because the decryption key is confined within the computer
card 3 and it is difficult even for the legitimate user to learn
the decryption key while the decryption of the information
and the decryption of the work key WK are carried out at
devices which are physically sealed within the information
terminal device 2.

Consequently, it is possible to construct a system that can
be utilized by the information provider without any anxiety.
In addition, there is no disadvantage from the user's
standpoint and the desired information can be utilized by
making an access to the information center even when it is
not available at the information terminal device located
nearby, so that there is an advantage that the information
becomes available from any information terminal device.

Referring now to FIG. 12 to FIG. 16, the second
embodiment of the digital information protection system
according to the present invention will be described in detail.

In this second embodiment, the digital information
protection system has an overall configuration similar to that
of the first embodiment shown in FIG. 1. In this second
embodiment, the information center 1 has an internal
configuration similar to that shown in FIG. 2 described above
except that the CPU 18 also executes an information
conversion for the delivery certification. Also, the information
terminal device 2 has an internal configuration substantially
similar to that shown in FIG. 3 described above. Also, the
computer card 3 has an internal configuration similar to that
shown in FIG. 4 described above except that the CPU 37
also executes an information conversion for the delivery
certification.

This digital information protection system of the second
embodiment is operated according to the following
information utilization protocol based on the digital
information protection scheme of the present invention.

<Preparatory set up>

In this second embodiment, the computer card 3 registers
in advance its identifier IDu, its public key Kpu, a certificate
Xpu of the public key Kpu, a public key Kpc of the
certificate authority 4, its secret key Ksu, a secret
information S, and a public information n', where the secret
key Ksu and the secret information S in particular are
registered into a write only region within the public key
cryptosystem device 32 which is a protected area that cannot
be read out freely. Here, IDu, S, and n' have a relationship of
IDu=S^2 mod n', and n' is a product of two large prime
numbers which has a size of several hundred bits.

The rest of the preparatory set up is substantially similar
to that of the first embodiment described above.

<Mutual authentication between the computer card 3 and
the information terminal device 2>

First, the mutual authentication between the computer
card 3 and the information terminal device 2 is carried out
substantially as the procedure shown in FIG. 5 described
above.

<User authentication>

Next, the user authentication is carried out substantially as
the procedure shown in FIG. 6 described above.

<User's selection>

Next, the user's selection is carried out substantially as the
procedure shown in FIG. 7 described above.

<Information request>

Next, the information request is carried out substantially
as the procedure shown in FIG. 8 described above.

<Information delivery and storage, and information center
authentication>

Next, the information delivery and storage and the
information center authentication are carried out according
to the procedure shown in FIG. 12 as follows.

The information center 1 generates the work key WK for
encrypting the information I to be utilized and encrypts this
information I to obtain C=EWK(I), and stores this encrypted
information C in the information storage unit 12. Also, in
order to indicate that this encrypted information C is surely
what is sent out from the information center 1, a signature
of the information center 1 is attached to this encrypted
information C. Here, the attaching of the signature to the
entire encrypted information is inefficient, so that the
signature is attached with respect to h(C) in which the amount
of C is reduced by the one-way random hash algorithm h in
a manner of SIm=DKsm(h(C)). Then, the information center
1 sends C and SIm obtained in this manner to the information
terminal device 2.

The information terminal device 2 then applies the hash
algorithm h to the encrypted information C received from
the information center 1 to obtain h(C), and sends this h(C)
along with the SIm received from the information center 1 to
the computer card 3.

The computer card 3 then verifies whether this signature
is correct or not by checking whether EKpm(SIm) coincides
with h(C) by using the public key Kpm of the information
center 1, and registers the information identifier Req, and the
encrypted identifier IDs of the information terminal device
2.

<Signing and delivery certification preparation>

Next, the signing and the delivery certification preparation
are carried out according to the procedure shown in
FIG. 13 as follows.

The computer card 3 signs the hashed and encrypted
information h(C) by using the secret key Ksu of the computer
card 3 in order to notify the information center 1 that
the encrypted information C has been stored in the
information terminal device 2 in a manner of Su=DKsu(h(C)),
and sends this to the information center 1 via the
information terminal device 2.

The information center 1 then verifies whether this
signature is correct or not by checking whether EKpu(Su)
coincides with h(C).

Next, for the purpose of the delivery certification, the
computer card 3 generates a random number ri (i=0, 1, . . . ,
t-1) and obtains Xi=ri^2 mod n', and sends
XX=(X0||X1|| . . . ||Xt-1) to the information center 1 via the
information terminal device 2, where t is a number of bits in
the work key WK, and a symbol || denotes a concatenation.

<Key delivery and delivery certification>

Next, the key delivery and the delivery certification are
carried out according to the procedure shown in FIG. 14 as
follows.

The information center 1 obtains EE=WK⊕h(XX, RQS),
where a symbol ⊕ denotes an exclusive OR for each bit, and
then divides this EE bit by bit and sets each bit as ei
(i=0, 1, . . . , t-1).

Then, the information center 1 sends e0 to the computer
card 3. In response, the computer card 3 calculates
Y0=r0·S^e0 mod n' from the received e0, and returns this Y0
to the information center 1. Here, S is defined such that
IDu=S^2 mod n' holds.

When Y0 is received from the computer card 3, the
information center 1 verifies whether Y0^2=X0·IDu^e0 (mod n')
holds or not. When this relationship holds, the information
center 1 sends e1 to the computer card 3 next, and carries out
the verification of Y1 in the similar manner. This operation
is repeated for t times, until Yt-1 is verified. After Yt-1 is
verified, the information center 1 records Ru, Su, ei, and Yi
(i=0, 1, . . . , t-1) as the ground for charging.

On the other hand, the computer card 3 obtains EE by
concatenating the received ei as EE=(e0||e1|| . . . ||et-1), obtains
WK from this EE as WK=EE⊕h(XX, RQS), and registers
this WK in correspondence to Req and IDs.
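The bit-by-bit key release and delivery certification described above, as an added example that is not part of the patent text: the center sends EE = WK xor h(XX, RQS) one bit at a time and verifies each response Yi before sending the next bit. It assumes the Fiat-Shamir relations IDu = S^2, Xi = ri^2, Yi = ri*S^ei and Yi^2 = Xi*IDu^ei (all mod n'); SHA-256 as h, the toy modulus, the 16-bit key and all class and function names are constructed for the demonstration.

```python
import hashlib
import secrets

# Toy parameters (assumptions). The page calls for n' of several hundred bits
# with secret prime factors; two Mersenne primes keep the demo readable.
N = (2**61 - 1) * (2**89 - 1)
T = 16  # t: number of bits in the (toy) work key


def h(xx, rqs):
    """h(XX, RQS) cut to T bits. SHA-256 stands in for the page's hash."""
    data = b"|".join(str(x).encode() for x in xx) + b"#" + rqs
    return int.from_bytes(hashlib.sha256(data).digest(), "big") >> (256 - T)


class Card:
    """Computer card 3: holds a secret S and fresh randoms r_0..r_{t-1}."""

    def __init__(self, s, rqs):
        self.s, self.rqs = s, rqs
        self.r = [secrets.randbelow(N - 2) + 2 for _ in range(T)]
        self.xx = [pow(r, 2, N) for r in self.r]    # X_i = r_i^2 mod n'
        self.bits = []

    def respond(self, i, e):
        """Store the key bit e_i and answer Y_i = r_i * S^e_i mod n'."""
        self.bits.append(e)
        return self.r[i] * pow(self.s, e, N) % N

    def work_key(self):
        """WK = EE xor h(XX, RQS), available only once all t bits arrived."""
        if len(self.bits) != T:
            raise ValueError("key delivery incomplete")
        ee = int("".join(map(str, self.bits)), 2)
        return ee ^ h(self.xx, self.rqs)


class Center:
    """Information center 1: releases EE one bit per verified response."""

    def __init__(self, wk, id_u, xx, rqs):
        self.id_u, self.xx = id_u, xx
        ee = wk ^ h(xx, rqs)                         # EE = WK xor h(XX, RQS)
        self.e = [(ee >> (T - 1 - i)) & 1 for i in range(T)]
        self.record = []                             # (e_i, Y_i) kept for charging

    def verify(self, i, y):
        """Accept Y_i only if Y_i^2 = X_i * IDu^e_i (mod n')."""
        ok = pow(y, 2, N) == self.xx[i] * pow(self.id_u, self.e[i], N) % N
        if ok:
            self.record.append((self.e[i], y))
        return ok


def deliver(center, card):
    """Run the bit-by-bit exchange; return how many bits were certified."""
    for i in range(T):
        if not center.verify(i, card.respond(i, center.e[i])):
            break                                    # no further bits are sent
    return len(center.record)


def audit(record, xx, id_u):
    """Re-check a stored charging record using public values only."""
    return all(pow(y, 2, N) == x * pow(id_u, e, N) % N
               for (e, y), x in zip(record, xx))


def demo(wk=0xBEEF, rqs=b"constructed-signed-request"):
    s = secrets.randbelow(N - 2) + 2                 # card secret S
    id_u = pow(s, 2, N)                              # registered IDu = S^2 mod n'
    card = Card(s, rqs)
    center = Center(wk, id_u, card.xx, rqs)
    certified = deliver(center, card)
    return certified, card.work_key(), audit(center.record, card.xx, id_u)


def impostor_demo(wk=0xBEEF, rqs=b"constructed-signed-request"):
    id_u = pow(secrets.randbelow(N - 2) + 2, 2, N)   # a registered card's IDu
    fake = Card(s=12345, rqs=rqs)                    # card that does not hold S
    center = Center(wk, id_u, fake.xx, rqs)
    return deliver(center, fake), center.e
```

A card without S answers correctly only while the key bits are 0, so the center stops at the first 1 bit and the remaining bits of EE are never released.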

It is to be noted that in the above procedure, a manner of
sending ei bit by bit has been described as a simple manner
of sending ei, but it is also possible to send some number of
bits together instead.

<Information utilization>

Next, in a case the information to be utilized is stored in
the information terminal device 2, the information
utilization is carried out according to the procedure shown
in FIG. 15 as follows.

When the user utilizes the information, the computer card
3 is connected to the information terminal device 2 and this
information terminal device 2 is operated. At this point, the
WK request message ReqW containing a random number r
is sent from the information terminal device 2 to the
computer card 3. Then, the computer card 3 concatenates the
random number r contained in the WK request message
ReqW and the work key WK, encrypts them by the public
key Kps of the information terminal device 2, and sends the
resulting V=EKps(WK, r) to the information terminal device
2.

Then, at the information terminal device 2, after V is
decrypted by using the secret key Kss of the information
terminal device 2, whether the random number r coincides
with that contained in the WK request message ReqW or not
is checked, and the work key WK is set. Then, the
information terminal device 2 decrypts the encrypted
information C stored therein by using this work key WK to
put the information in a utilizable state.
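The work key hand-off V=EKps(WK, r), used here and in the first embodiment's information delivery step, as an added example that is not part of the patent text: the terminal accepts a decrypted work key only when the returned random number matches its outstanding ReqW, so a recorded V is rejected when replayed. Textbook RSA with a toy modulus stands in for the public key cryptosystem, and all names and values are constructed.

```python
import secrets

# Toy textbook RSA key pair for the terminal (Kps = (E, N), Kss = D).
# Assumption for the demo only: no padding and a far too small modulus.
P, Q, E = 2**61 - 1, 2**89 - 1, 65537
N = P * Q
D = pow(E, -1, (P - 1) * (Q - 1))
R_BITS = 64  # size of the random number r carried in ReqW


def card_reply(wk, r):
    """Computer card 3: V = EKps(WK, r), work key concatenated with r."""
    return pow((wk << R_BITS) | r, E, N)


class Terminal:
    """Information terminal device 2 side of the WK request."""

    def __init__(self):
        self.pending = None   # r of the outstanding ReqW, if any
        self.wk = None

    def request(self):
        """Issue ReqW with a fresh random number r."""
        self.pending = secrets.randbits(R_BITS)
        return self.pending

    def accept(self, v):
        """Decrypt V with Kss and set WK only if r matches the pending ReqW."""
        m = pow(v, D, N)
        wk, r = m >> R_BITS, m & ((1 << R_BITS) - 1)
        if self.pending is None or r != self.pending:
            return False
        self.pending, self.wk = None, wk   # each r is accepted once
        return True


def replay_demo():
    wk_old, wk_new = 0x0123456789ABCDEF, 0x0FEDCBA987654321  # constructed keys
    term = Terminal()
    v_old = card_reply(wk_old, term.request())
    first = term.accept(v_old)                 # fresh reply: accepted
    unsolicited = term.accept(v_old)           # no ReqW outstanding: rejected
    r_new = term.request()
    replayed = term.accept(v_old)              # old V against new r: rejected
    fresh = term.accept(card_reply(wk_new, r_new))
    return first, unsolicited, replayed, fresh, term.wk
```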

Here, the secrecy is physically maintained from a device
for decrypting by using the secret key Kss to a device for
decrypting by using the work key WK. To this end, this
section, i.e., the secret protection mechanism 26 of the
information terminal device 2 shown in FIG. 3, can be set in
a safe box and sealed, or it is possible to adopt a scheme
disclosed in R. Mori and M. Kawahara: "Superdistribution:
The concept and the Architecture", Trans. IEICE, Vol. E73,
No. 7, pp. 1133-1146, July 1990.

In this manner, the legitimate user can utilize the
information stored in the information terminal device 2
whenever necessary, as long as the user has the proper
computer card 3.

<Information utilization in a case the information to be
utilized is not in the information terminal device 2>

Next, in a case the information to be utilized is not stored
in the information terminal device 2, the information
utilization is carried out according to the procedure shown in
FIG. 16 as follows.

After the information request is made according to the
procedure of FIG. 8 described above, the computer card 3
checks whether that information identifier Req is registered
therein or not. If this information identifier Req is registered,
the information terminal device identifier IDs' corresponding
to this information identifier Req is sent to the currently
connected information terminal device 2 with the identifier
IDs. In response, this information terminal device 2 with the
identifier IDs sends the information identifier Req to another
information terminal device 2' with the identifier IDs' to
have the encrypted information C transferred from this
another information terminal device 2'. Thereafter, the
information utilization according to the procedure shown in
FIG. 15 described above is carried out with respect to this
encrypted information C.

Alternatively, it is also possible to use the following
procedure for utilizing the information while the information
is transferred. Namely, after Su is sent out to the information
center 1, the information terminal device 2 sends the WK
request message ReqW containing a random number r to the
computer card 3. Then, the computer card 3 concatenates the
random number r contained in the WK request message
ReqW and the work key WK, encrypts them by the public
key Kps of the information terminal device 2, and sends the
resulting V=EKps(WK, r) to the information terminal device
2.

Then, at the information terminal device 2, after V is
decrypted by using the secret key Kss of the information
terminal device 2, whether the random number r coincides
with that contained in the WK request message ReqW or not
is checked, and the work key WK is set. Then, the
information terminal device 2 decrypts the encrypted
information C by using this work key WK to put the
information in a utilizable state, and returns ACK to the
computer card 3 in order to indicate that the work key WK
has been received. At this point, it is also possible for the
information terminal device 2 to store the information while
the information is decrypted.

As described, according to this second embodiment, in
addition to the advantages that the information will not be
leaked to the third party and the illegal copying will be
difficult as in the first embodiment described above, it also
becomes possible to surely and accurately charge the
information by means of the delivery certification data.

Consequently, it is also possible to construct a system that
can be utilized by the information provider without any
anxiety. In addition, there is no disadvantage from the user's
standpoint, and the desired information can be utilized by
making an access to the information center even when it is
not available at the information terminal device located
nearby, so that there is an advantage that the information
becomes available from any information terminal device.

It is to be noted that the first and second embodiments
described above have been directed to a case of utilizing the
public communication channel such as ISDN, but the
present invention is equally applicable to a case of using the
connection-less channel such as a dedicated line.

It is also to be noted that the applicability of the present
invention is not limited to the computer software, and
extends to all kinds of a digital information delivery utilizing
the communication of the encrypted digital information.

It is also to be noted that, besides those already mentioned
above, many modifications and variations of the above
embodiments may be made without departing from the
novel and advantageous features of the present invention.
Accordingly, all such modifications and variations are
intended to be included within the scope of the appended
claims.

What is claimed is: 

1. A method for digital information protection in a system
in which a user makes an access to a digital information
provided by an information center, by connecting a computer
card owned by the user to an information terminal
device connected with the information center, the method
comprising the steps of:

(a) carrying out a mutual authentication between the
computer card and the information terminal device;

(b) carrying out a user authentication by the computer
card through the information terminal device;

(c) sending an information request specifying the desired
digital information of the user from the information
terminal device to the information center by signing
and encrypting an information identifier for identifying
the desired digital information;

(d) sending the work key for encrypting the desired digital
information from the information center to the computer
card by a cipher communication using a public
key cryptosystem;

(e) obtaining and registering the work key sent from the
information center at the computer card, and sending a
work key receipt signature from the computer card to
the information center;

(f) receiving a work key request message containing a
random number from the information terminal device
at the computer card, encrypting the work key according
to the random number, and sending an encrypted
work key from the computer card to the information
terminal device;

(g) encrypting the desired digital information specified by
the information request by using the work key at the
information center, and sending the encrypted digital
information from the information center to the
information terminal device;

(h) receiving and decrypting the encrypted work key sent
from the computer card so as to obtain the work key at
the information terminal device, receiving and decrypting
the encrypted digital information sent from the
information center by using the work key, and providing
the decrypted digital information to the user at the
information terminal device; and

(i) sending an encrypted information receipt signature
from the information terminal device to the information
center, and recording the information request, the work
key receipt signature, and the encrypted information
receipt signature as a ground for charging at the
information center.

2. The method of claim 1, wherein at the step (a), the
mutual authentication between the computer card and the
information terminal device is realized by sending a random
number generated by the information terminal device to the
computer card, signing and encrypting the random number
at the computer card and returning a signed and encrypted
random number to the information terminal device, and
checking whether the signed and encrypted random number
is consistent with the random number at the information
terminal device.

3. The method of claim 1, wherein at the step (b), the user
authentication by the computer card is realized by storing a
prescribed password in the computer card, checking whether
a user input entered at the information terminal device
coincides with the prescribed password at the computer card,
executing an error processing when an erroneous user input
is repeated for a prescribed number of times, and invalidating
the computer card when the error processing is repeated
for a predetermined number of times.

4. The method of claim 1, wherein at the step (b), the user
authentication by the computer card is realized by storing a
prescribed password in an encrypted state in the computer
card, and checking whether a user input entered at the
information terminal device coincides with the prescribed
password in a decrypted state at the computer card, or
checking whether a user input entered and encrypted at the
information terminal device coincides with the prescribed
password in the encrypted state at the computer card.

5. The method of claim 1, wherein at the step (b), the user
authentication by the computer card is realized by storing a
prescribed password in the computer card, sending a user
input entered at the information terminal device to the
computer card by a cipher communication, checking
whether the user input coincides with the prescribed password
at the computer card, adjusting a parity of a random
number generated according to whether the user input
coincides with the prescribed password at the computer card,
and sending the random number to the information terminal
device by a cipher communication.

6. The method of claim 1, wherein at the step (b), the user
authentication by the computer card is realized by storing a
prescribed password in the computer card, sending a first
value indicating a sum or an exclusive OR of a user input
entered at the information terminal device and a random
number generated at the information terminal device to the
computer card by a cipher communication, sending a second
value indicating a difference or an exclusive OR of the
first value and the prescribed password at the computer card
to the information terminal device, and checking whether
the second value coincides with the random number at the
information terminal device.

7. The method of claim 1, wherein at the step (c), the
information terminal device sends the information identifier,
a public key of the information center, and a certificate for
the public key of the information center to the computer
card, the computer card signs and encrypts the information
identifier by using a secret key of the computer card and the
public key of the information center and returns a signed and
encrypted information identifier to the information terminal
device, and the information terminal device sends the signed
and encrypted information identifier along with a public key
of the computer card and a certificate for the public key of
the computer card to the information center, so as to prevent
an improper access to the information center.

8. The method of claim 1, wherein at the steps (d) and (e),
the information center generates the work key, encrypts the
work key by a public key of the computer card, and sends
a generated and encrypted work key along with a signature
of the information center to the computer card via the
information terminal device, and the computer card verifies
whether the signature of the information center is correct or
not, obtains the work key from the generated and encrypted
work key, sends the work key receipt signature to the
information center via the information terminal device, and
registers the work key along with the information identifier.

9. The method of claim 1, wherein at the step (f), the
information terminal device sends the work key request
message containing the random number to the computer
card, after the work key receipt signature is sent from the
computer card to the information center via the information
terminal device.

10. The method of claim 1, wherein at the step (f), the
computer card concatenates and encrypts the work key and
the random number by using a public key of the information
terminal device, and sends concatenated and encrypted work
key and random number to the information terminal device,
and at the step (h), the information terminal device decrypts
the concatenated and encrypted work key and random
number, checks whether a decrypted random number
coincides with the random number contained in the work key
request message, and decrypts the encrypted digital
information sent from the information center by using a
decrypted work key.

11. A method for digital information protection in a
system in which a user makes an access to a digital
information provided by an information center, by connecting a
computer card owned by the user to an information terminal
device connected with the information center, the method
comprising the steps of:

(a) carrying out a mutual authentication between the
computer card and the information terminal device;

(b) carrying out a user authentication by the computer
card through the information terminal device;

(c) sending an information request specifying the desired
digital information of the user from the information
terminal device to the information center by signing
and encrypting an information identifier for identifying
the desired digital information;

(d) encrypting the desired digital information specified by
the information request by using the work key at the
information center, and sending the encrypted digital
information from the information center to the
information terminal device and the computer card;

(e) receiving and storing the encrypted digital information
sent from the information center at the information
terminal device, and sending an information receipt
signature from the computer card to the information
center via the information terminal device;

(f) delivering the work key for encrypting the desired
digital information from the information center to the
computer card, and obtaining and registering the work
key sent from the information center at the computer
card, while returning a delivery certificate from the
computer card to the information center;

(g) receiving a work key request message containing a
random number from the information terminal device
at the computer card, encrypting the work key according
to the random number, and sending an encrypted
work key from the computer card to the information
terminal device;

(h) receiving and decrypting the encrypted work key sent
from the computer card so as to obtain the work key at
the information terminal device, decrypting the
encrypted digital information stored in the information
terminal device by using the work key, and providing
the decrypted digital information to the user at the
information terminal device; and

(i) sending an encrypted information receipt signature
from the information terminal device to the information
center, and recording the information request, the
encrypted information receipt signature, and the delivery
certificate as a ground for charging at the information
center.

12. The method of claim 11, wherein at the step (a), die 
mutual authentication between the computer card and the 
information terminal device is realized by sending a random 
number generated t>y the information terminal device to the 
conq)uter card, signing and encrypting the random number 
at the conqmter card and returning a signed and encrypted 
random number to the infonnation terminal device, and 
checking whether the signed and encrypted random number 
is consistent witii the random number at the infonnation 
terminal device. 

13. The method of claim 11, v^erdn at the step (b), die 
user authentication by the computer card is realized by 
storing a prescribed password in the computer card, check- 
ing wbedier a user input entered at the information tenninai 
device coincides widi the prescribed password at the com- 
puter card, executing an ezror processing when an enoneous 
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user input is repeated for a prescribed number of times, and 
invalidating the computer card when tiie error processing is 
r^teated for a predetermined number of times. 

14. The method of daim 11, wherein at the step (b), the 
5 usa authentication by the computer card is realized by 

storing a prescribed password in an encrypted state in the 
counter card, and checking whether a user input entered at 
the information terminal device coinddes with the pre- 
scribed password in a decrypted state at the computer card, 
10 or checking i;^ether a user input entered and encrypted at 
the Information terminal device coinddes with die pre- 
scribed password in the encrypted state at the oonqiuter card. 

15. The method of claim 11, wherein at the step (b), the user authentication by the computer card is realized by storing a prescribed password in the computer card, sending a user input entered at the information terminal device to the computer card by a cipher communication, checking whether the user input coincides with the prescribed password at the computer card, adjusting a parity of a random number generated according to whether the user input coincides with the prescribed password at the computer card, and sending the random number to the information terminal device by a cipher communication.

16. The method of claim 11, wherein at the step (b), the user authentication by the computer card is realized by storing a prescribed password in the computer card, sending a first value indicating a sum or an exclusive OR of a user input entered at the information terminal device and a random number generated at the information terminal device to the computer card by a cipher communication, sending a second value indicating a difference or an exclusive OR of the first value and the prescribed password at the computer card to the information terminal device, and checking whether the second value coincides with the random number at the information terminal device.

17. The method of claim 11, wherein at the step (c), the information terminal device sends the information identifier, a public key of the information center, and a certificate for the public key of the information center to the computer card, the computer card signs and encrypts the information identifier by using a secret key of the computer card and the public key of the information center and returns a signed and encrypted information identifier to the information terminal device, and the information terminal device sends the signed and encrypted information identifier along with a public key of the computer card and a certificate for the public key of the computer card to the information center, so as to prevent an improper access to the information center.

18. The method of claim 11, wherein at the step (c), the information terminal device sends the information identifier, a public key of the information center, and a certificate for the public key of the information center to the computer card, the computer card signs the information identifier and encrypts a signed information identifier by using a secret key of the computer card and the public key of the information center and returns a signed and encrypted information identifier to the information terminal device, the information terminal device sends the signed and encrypted information identifier along with a public key of the computer card and a certificate for the public key of the computer card to the information center, and the information center decrypts the signed and encrypted information identifier to obtain the signed information identifier and utilizes the signed information identifier in delivering the work key and obtaining the delivery certificate at the step (f).

19. The method of claim 11, wherein at the steps (d) and (e), the information center generates the work key, encrypts the desired digital information by the work key, and sends the encrypted digital information along with a signature in which the encrypted digital information is compressed and signed to the information terminal device, the information terminal device stores the encrypted digital information while the computer card verifies whether the signature is correct or not, and registers the information identifier along with an identifier for the information terminal device.

20. The method of claim 11, wherein at the step (e), the computer card signs a compressed and encrypted digital information to obtain the encrypted information receipt signature, and sends the encrypted information receipt signature to the information center, and the information center verifies the encrypted information receipt signature to confirm that the encrypted digital information has been correctly stored in the information terminal device and the information identifier for the encrypted digital information has been registered in the computer card.

21. The method of claim 11, wherein at the step (f), the delivery certificate certifies that the work key has been correctly delivered from the information center to the computer card.

22. The method of claim 11, wherein at the step (g), the computer card concatenates and encrypts the work key and the random number by using a public key of the information terminal device, and sends concatenated and encrypted work key and random number to the information terminal device, and at the step (h), the information terminal device decrypts the concatenated and encrypted work key and random number, checks whether a decrypted random number coincides with the random number contained in the work key request message, and decrypts the encrypted digital information stored in the information terminal device by using a decrypted work key.

23. The method of claim 11, further comprising the step of:
transferring another encrypted digital information stored in another information terminal device to the information terminal device; and
storing said another encrypted digital information transferred at the transferring step in the information terminal device such that said another encrypted digital information can be utilized at the information terminal device by carrying out the steps (f) to (i) with respect to said another encrypted digital information.

24. The method of claim 11, further comprising the step of:
transferring another encrypted digital information stored in another information terminal device to the information terminal device; and
carrying out the steps (f) to (i) with respect to said another encrypted digital information transferred at the transferring step.

25. A method for digital information protection in a system in which a user makes an access to a digital information provided by an information center, by connecting a computer card owned by the user to an information terminal device connected with the information center, the method comprising the steps of:
delivering a work key for encrypting a desired digital information from the information center to the computer card through the information terminal device, and registering the work key in the computer card;
delivering the desired digital information encrypted by the work key from the information center to the information terminal device; and
decrypting an encrypted digital information delivered from the information center at the information terminal device by using the work key registered in the computer card, and providing a decrypted digital information to the user at the information terminal device.

26. The method of claim 25, further comprising the steps of:
sending an information request specifying the desired digital information of the user from the information terminal device to the information center;
sending a work key receipt signature from the computer card to the information center in response to a delivery of the work key;
sending an encrypted information receipt signature from the information terminal device to the information center in response to a delivery of the encrypted digital information; and
recording the information request, the work key receipt signature, and the encrypted information receipt signature as a ground for charging at the information center.

27. The method of claim 25, further comprising the steps of:
sending an information request specifying the desired digital information of the user from the information terminal device to information center;
sending an encrypted information receipt signature from the information terminal device to the information center in response to a delivery of the encrypted digital information;
returning a delivery certificate from the computer card to the information center in a course of a delivery of the work key; and
recording the information request, the encrypted information receipt signature, and the delivery certificate as a ground for charging at the information center.

28. A digital information protection system, comprising:
an information center for providing a digital information;
an information terminal device connected with the information center; and
a computer card owned by a user, such that the user makes an access to the digital information provided by the information center by connecting the computer card to the information terminal device;
wherein the information center, the information terminal device, and the computer card are adapted to:
deliver a work key for encrypting a desired digital information from the information center to the computer card through the information terminal device, and register the work key in the computer card;
deliver the desired digital information encrypted by the work key from the information center to the information terminal device; and
decrypt an encrypted digital information delivered from the information center at the information terminal device by using the work key registered in the computer card, and provide a decrypted digital information to the user at the information terminal device.

29. The system of claim 28, wherein the information center, the information terminal device, and the computer card are further adapted to:
send an information request specifying the desired digital information of the user from the information terminal device to the information center;
send a work key receipt signature from the computer card to the information center in response to a delivery of the work key;
send an encrypted information receipt signature from the information terminal device to the information center in response to a delivery of the encrypted digital information; and
record the information request, the work key receipt signature, and the encrypted information receipt signature as a ground for charging at the information center.

30. The system of claim 28, wherein the information center, the information terminal device, and the computer card are further adapted to:
send an information request specifying the desired digital information of the user from the information terminal device to the information center;
send an encrypted information receipt signature from the information terminal device to the information center in response to a delivery of the encrypted digital information;
return a delivery certificate from the computer card to the information center in a course of a delivery of the work key; and
record the information request, the encrypted information receipt signature, and the delivery certificate as a ground for charging at the information center.

31. An information center for a digital information protection system in which a user makes an access to a digital information provided by the information center by connecting a computer card owned by the user to an information terminal device connected with the information center, wherein the information center, the information terminal device, and the computer card are adapted to:
deliver a work key for encrypting a desired digital information from the information center to the computer card through the information terminal device, and register the work key in the computer card;
deliver the desired digital information encrypted by the work key from the information center to the information terminal device; and
decrypt an encrypted digital information delivered from the information center at the information terminal device by using the work key registered in the computer card, and provide a decrypted digital information to the user at the information terminal device;
the information center comprising:
information storage means for storing the digital information;
communication control means for making a communication with the information terminal device;
key generation means for generating the work key;
encryption means for encrypting the digital information by using the work key;
public key cryptosystem means for encrypting the work key in order to make a cipher communication of the work key; and
signature conversion means for providing a signature of the information center.

32. The information center of claim 31, further comprising
information conversion means for delivering the work key to the computer card while receiving a delivery certificate from the computer card.

33. An information terminal device for a digital information protection system in which a user makes an access to a digital information provided by an information center by connecting a computer card owned by the user to the information terminal device connected with the information center, wherein the information center, the information terminal device, and the computer card are adapted to:
deliver a work key for encrypting a desired digital information from the information center to the computer card through the information terminal device, and register the work key in the computer card;
deliver the desired digital information encrypted by the work key from the information center to the information terminal device; and
decrypt an encrypted digital information delivered from the information center at the information terminal device by using the work key registered in the computer card, and provide a decrypted digital information to the user at the information terminal device;
the information terminal device comprising:
first communication control means for making a communication with the information center;
second communication control means for making a communication with the computer card;
information storage means for storing the digital information;
public cryptosystem means for encrypting the work key in order to make a cipher communication of the work key;
signature conversion means for providing a signature of the information terminal device;
random number generation means for generating a random number;
matching means for matching the random number generated by the random number generation means with a random number received from the computer card;
secret key storage means for storing a secret key of the information terminal device;
decryption means for decrypting an encrypted work key and an encrypted digital information; and
secrecy protection means for physically protecting a secrecy of the random number generation means, the matching means, the secret key storage means, and the decryption means.

34. A computer card for a digital information protection system in which a user makes an access to a digital information provided by an information center by connecting the computer card owned by the user to an information terminal device connected with the information center, wherein the information center, the information terminal device, and the computer card are adapted to:
deliver a work key for encrypting a desired digital information from the information center to the computer card through the information terminal device, and register the work key in the computer card;
deliver the desired digital information encrypted by the work key from the information center to the information terminal device; and
decrypt an encrypted digital information delivered from the information center at the information terminal device by using the work key registered in the computer card, and provide a decrypted digital information to the user at the information terminal device;
the computer card comprising:
communication control means for making a communication with the information terminal device;
public cryptosystem means for encrypting the work key in order to make a cipher communication of the work key;
signature conversion means for providing a signature of the computer card; and
work key storage means for storing the work key.

35. The computer card of claim 34, further comprising
information conversion means for receiving a delivery of the work key from the information center while returning a delivery certificate to the information center.

***** 
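
The two-level lockout of claim 13, as an added illustration that is not part of the patent text: wrong inputs accumulate toward "error processing", and error processing events accumulate toward invalidating the card. The class and function names, the limits 3 and 2, and the rule that a correct input clears only the first counter are assumptions made for this sketch.

```python
import hmac
from enum import Enum


class Verdict(Enum):
    OK = "ok"
    WRONG = "wrong"
    ERROR_PROCESSING = "error_processing"
    INVALIDATED = "invalidated"


class CardPasswordGuard:
    """Card-side check with the two counters claim 13 describes."""

    def __init__(self, password: bytes, max_wrong: int = 3, max_errors: int = 2):
        self._password = password
        self.max_wrong = max_wrong      # "prescribed number of times" (assumed 3)
        self.max_errors = max_errors    # "predetermined number of times" (assumed 2)
        self.wrong_inputs = 0
        self.error_events = 0
        self.invalidated = False

    def check(self, user_input: bytes) -> Verdict:
        if self.invalidated:
            return Verdict.INVALIDATED  # permanent: nothing is compared any more
        # Constant-time comparison so timing does not reveal matching prefixes.
        if hmac.compare_digest(user_input, self._password):
            # Assumption: success clears the run of wrong inputs but not
            # error_events, so a correct entry cannot reset the second limit.
            self.wrong_inputs = 0
            return Verdict.OK
        self.wrong_inputs += 1
        if self.wrong_inputs < self.max_wrong:
            return Verdict.WRONG
        # The prescribed number of wrong inputs was reached: error processing.
        self.wrong_inputs = 0
        self.error_events += 1
        if self.error_events >= self.max_errors:
            self.invalidated = True
            return Verdict.INVALIDATED
        return Verdict.ERROR_PROCESSING


def replay(guard: CardPasswordGuard, attempts: list[bytes]) -> list[str]:
    """Feed a sequence of inputs to the card and collect the verdict names."""
    return [guard.check(a).name for a in attempts]
```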
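
The verdict exchanges of claims 15 and 16, sketched from both sides as an added example that is not part of the patent text. The exclusive-OR variant of claim 16 is shown; the 8-byte zero-padded encoding, the "even means match" parity convention, and all function names are assumptions, and the cipher communication the claims require around each message is left out.

```python
import hmac
import secrets

WIDTH = 8  # bytes per protocol value; assumed, the claims fix no size


def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def pad(text: str) -> bytes:
    """Fixed-width encoding so XOR operands always align (assumed format)."""
    raw = text.encode()
    if len(raw) > WIDTH:
        raise ValueError("input longer than WIDTH")
    return raw.ljust(WIDTH, b"\x00")


# --- Claim 15: verdict carried in the parity of a fresh random number ---
def card_parity_reply(stored: str, user_input: str) -> int:
    """Card side. Convention assumed here: even = match, odd = mismatch."""
    match = hmac.compare_digest(pad(stored), pad(user_input))
    r = secrets.randbits(64)
    return (r & ~1) | (0 if match else 1)


def terminal_reads_parity(reply: int) -> bool:
    """Terminal side: recover the verdict from the low bit."""
    return reply & 1 == 0


# --- Claim 16 (exclusive-OR variant): verdict computed at the terminal ---
def terminal_first_value(user_input: str) -> tuple[bytes, bytes]:
    """Terminal side: returns (random number kept locally, first value sent)."""
    r = secrets.token_bytes(WIDTH)
    return r, xor(pad(user_input), r)


def card_second_value(stored: str, first: bytes) -> bytes:
    """Card side: it never learns whether the input was right."""
    return xor(first, pad(stored))


def terminal_checks(r: bytes, second: bytes) -> bool:
    return hmac.compare_digest(second, r)


def xor_exchange(stored: str, user_input: str) -> bool:
    r, first = terminal_first_value(user_input)
    # first ^ second equals the stored password, so the second message
    # needs the same cipher communication the claim names for the first.
    second = card_second_value(stored, first)
    return terminal_checks(r, second)
```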